search

nokia / kong-oidc

OIDC plugin for Kong
Apache License 2.0
454 stars 320 forks source link

redirect_uri is getting twice in the url #121

Closed mssaisandeep closed 4 years ago

mssaisandeep commented 5 years ago

I just configured OpenID plugin. Till yesterday it worked. But now, while redirecting to keycloak(OpenID Provider) I am getting an invalid redirect_uri error. When I checked the browser url, I am getting this:

redirect_uri=http%3A%2F%2F54.206.43.102%3A9000http%3A%2F%2F54.206.43.102%3A9000%2Fapi%2Fv1%2Fcustomers

Decoded = http://54.206.43.102:9000http://54.206.43.102:9000/api/v1/customers If you observer, ipaddress and port are getting added twice..

Where there will be issue? Please help me.

Configured Plugin Settings: { "next": null, "data": [ { "created_at": 1556541452, "config": { "response_type": "code", "introspection_endpoint": "http://52.65.116.69:8080/auth/realms/OTAccess/protocol/openid-connect/token/introspect", "filters": null, "bearer_only": "no", "ssl_verify": "no", "session_secret": null, "introspection_endpoint_auth_method": null, "realm": "OTAccess", "redirect_after_logout_uri": "/", "scope": "openid,profile", "token_endpoint_auth_method": "client_secret_post", "logout_path": "/logout", "client_id": "demokong", "client_secret": "a67dcd79-92bc-4e9a-b6b3-7477182746a3", "discovery": "http://52.65.116.69:8080/auth/realms/OTAccess/.well-known/openid-configuration", "recovery_page_path": null, "redirect_uri_path": "http://54.206.43.102:9000/api/v1/customers" }, "id": "1a4b8d27-8795-4e05-93af-f1f6d0989c75", "service": null, "name": "oidc", "protocols": [ "http", "https" ], "enabled": true, "run_on": "first", "consumer": null, "route": null, "tags": null } ] }

mssaisandeep commented 4 years ago

The issue got fixed... Thanks

HaraShun commented 4 years ago

@mssaisandeep

Hello.

I face the same problem... 🤒

Could you tell me how to solve it ? 🤔

sandeepmachiraju commented 4 years ago

Hey don’t provide redirect_uri_path variable. Basically whatever you enter in browser to access your service via kong will be taken as redirect_uri_path on the fly dynamically. So no need to add this.

Try it out by removing this redirect_uri_path from config

Sorry for the delay in response. I was traveling and couldn’t reply.

HaraShun commented 4 years ago

Oh thx.

Yeah , I found the insight you tell, and I also dont use redirect_uri_path too.

Thank you for you kindness 👍